pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/sysutils Update xenkernel45 and xentools45 to 4.5.5.
details: https://anonhg.NetBSD.org/pkgsrc/rev/89e2c1a74be2
branches: trunk
changeset: 353009:89e2c1a74be2
user: bouyer <bouyer%pkgsrc.org@localhost>
date: Wed Sep 21 17:03:37 2016 +0000
description:
Update xenkernel45 and xentools45 to 4.5.5.
Changes since 4.5.3: mostly bugfixes, including fixes for
security issues XSA-172, XSA-173, XSA-175, XSA-176, XSA-178, XSA-179, XSA-180,
XSA-181, XSA-182, XSA-183, XSA-184, XSA-185, XSA-186 and XSA-187.
All but XSA-175 were already fixed in pkgsrc.
Complete list of changes and links to the XSA advisories:
https://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-455.html
diffstat:
sysutils/xenkernel45/Makefile | 6 +-
sysutils/xenkernel45/distinfo | 22 +-
sysutils/xenkernel45/patches/patch-XSA-172 | 41 -
sysutils/xenkernel45/patches/patch-XSA-173 | 246 ----
sysutils/xenkernel45/patches/patch-XSA-176 | 31 -
sysutils/xenkernel45/patches/patch-XSA-180 | 66 -
sysutils/xenkernel45/patches/patch-XSA-181 | 18 -
sysutils/xenkernel45/patches/patch-XSA-182 | 104 --
sysutils/xenkernel45/patches/patch-XSA-183 | 77 -
sysutils/xenkernel45/patches/patch-XSA-185 | 37 -
sysutils/xenkernel45/patches/patch-XSA-186-1 | 43 -
sysutils/xenkernel45/patches/patch-XSA-186-2 | 73 -
sysutils/xenkernel45/patches/patch-XSA-187-1 | 44 -
sysutils/xenkernel45/patches/patch-XSA-187-2 | 144 --
sysutils/xentools45/Makefile | 6 +-
sysutils/xentools45/distinfo | 15 +-
sysutils/xentools45/patches/patch-XSA-178 | 1332 --------------------------
sysutils/xentools45/patches/patch-XSA-179 | 266 -----
sysutils/xentools45/patches/patch-XSA-180 | 66 -
sysutils/xentools45/patches/patch-XSA-184 | 40 -
20 files changed, 17 insertions(+), 2660 deletions(-)
diffs (truncated from 2790 to 300 lines):
diff -r f698b6701634 -r 89e2c1a74be2 sysutils/xenkernel45/Makefile
--- a/sysutils/xenkernel45/Makefile Wed Sep 21 14:27:51 2016 +0000
+++ b/sysutils/xenkernel45/Makefile Wed Sep 21 17:03:37 2016 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.21 2016/09/08 15:44:07 bouyer Exp $
+# $NetBSD: Makefile,v 1.22 2016/09/21 17:03:37 bouyer Exp $
-VERSION= 4.5.3
+VERSION= 4.5.5
DISTNAME= xen-${VERSION}
PKGNAME= xenkernel45-${VERSION}
-PKGREVISION= 3
+#PKGREVISION= 0
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
diff -r f698b6701634 -r 89e2c1a74be2 sysutils/xenkernel45/distinfo
--- a/sysutils/xenkernel45/distinfo Wed Sep 21 14:27:51 2016 +0000
+++ b/sysutils/xenkernel45/distinfo Wed Sep 21 17:03:37 2016 +0000
@@ -1,22 +1,10 @@
-$NetBSD: distinfo,v 1.17 2016/09/08 15:44:07 bouyer Exp $
+$NetBSD: distinfo,v 1.18 2016/09/21 17:03:37 bouyer Exp $
-SHA1 (xen-4.5.3.tar.gz) = 95d56c42642adcffe55dcf82a021d49115373108
-RMD160 (xen-4.5.3.tar.gz) = 7ba586b20404e95308007663e87868c0ccc0e6f4
-SHA512 (xen-4.5.3.tar.gz) = 086b9b75e97d836498fd4f34b645c9b2f941db44efe8c7d23e53aa6455d40e1672962aaa7bac0db1db82255dba490c4fe996f356c184e71ea7fa5b483d9e9c0f
-Size (xen-4.5.3.tar.gz) = 18416997 bytes
+SHA1 (xen-4.5.5.tar.gz) = 4073d411c72d3298baacfc15577b92b9ae577073
+RMD160 (xen-4.5.5.tar.gz) = 34132ab04752dc594fbdc1404c95f402b7bbbe39
+SHA512 (xen-4.5.5.tar.gz) = 7e8d7e0248daa91389db0250c5f214dc1ab46c058d556a4326c801933ead05cc450cb9510108586418de029b81a80fd9f272ec1749d288a8250e69599aa2d769
+Size (xen-4.5.5.tar.gz) = 18426889 bytes
SHA1 (patch-Config.mk) = a2a104d023cea4e551a3ad40927d4884d6c610bf
-SHA1 (patch-XSA-172) = ff4560534381d4d4c553170fbeb674f9361d9740
-SHA1 (patch-XSA-173) = 0f6a2c4d9467713f3d969020f8fba62aa2f5297b
-SHA1 (patch-XSA-176) = 221ed0dce1a97e03c0f0cb216f5ffd13269fd162
-SHA1 (patch-XSA-180) = d50f2c7d4ae7bbc8d0ae892f7bdf4ca0ba867d1a
-SHA1 (patch-XSA-181) = 3fc00b9543d6bd834359a299c288839ad69f3fbb
-SHA1 (patch-XSA-182) = 77dfd369df89a51355318e26e38837482f09996e
-SHA1 (patch-XSA-183) = f2a6027ff71c32c16abeb1b17e3226b714a5f1f4
-SHA1 (patch-XSA-185) = a2313922aa4dad734b96c80f64fe54eca3c14019
-SHA1 (patch-XSA-186-1) = 71e4a6c4c683891bac50682a3ab69a204fb681ad
-SHA1 (patch-XSA-186-2) = 6094c2efe468e3f31712659be9a71af2cbe8dc1f
-SHA1 (patch-XSA-187-1) = 55ea0c2d9c7d8d9476a5ab97342ff552be4faf56
-SHA1 (patch-XSA-187-2) = f5308fee03a5d73c8aa283eb82cc36a6a3d3bc06
SHA1 (patch-xen_Makefile) = 750d0c8d4fea14d3ef3f872de5242a1f5104cbbe
SHA1 (patch-xen_arch_x86_Rules.mk) = 7b0894ba7311edb02118a021671f304cf3872154
SHA1 (patch-xen_common_page__alloc.c) = c4d606de1cada8cf89b5abd16efada3d58c68a03
diff -r f698b6701634 -r 89e2c1a74be2 sysutils/xenkernel45/patches/patch-XSA-172
--- a/sysutils/xenkernel45/patches/patch-XSA-172 Wed Sep 21 14:27:51 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,41 +0,0 @@
-$NetBSD: patch-XSA-172,v 1.1 2016/05/12 15:42:58 bouyer Exp $
-
-x86: fix information leak on AMD CPUs
-
-The fix for XSA-52 was wrong, and so was the change synchronizing that
-new behavior to the FXRSTOR logic: AMD's manuals explictly state that
-writes to the ES bit are ignored, and it instead gets calculated from
-the exception and mask bits (it gets set whenever there is an unmasked
-exception, and cleared otherwise). Hence we need to follow that model
-in our workaround.
-
-This is XSA-172.
-
-The first hunk (xen/arch/x86/i387.c:fpu_fxrstor) is CVE-2016-3159.
-The second hunk (xen/arch/x86/xstate.c:xrstor) is CVE-2016-3158.
-
-Signed-off-by: Jan Beulich <jbeulich%suse.com@localhost>
-Reviewed-by: Andrew Cooper <andrew.cooper3%citrix.com@localhost>
-
---- xen/arch/x86/i387.c.orig
-+++ xen/arch/x86/i387.c
-@@ -49,7 +49,7 @@ static inline void fpu_fxrstor(struct vc
- * sometimes new user value. Both should be ok. Use the FPU saved
- * data block as a safe address because it should be in L1.
- */
-- if ( !(fpu_ctxt->fsw & 0x0080) &&
-+ if ( !(fpu_ctxt->fsw & ~fpu_ctxt->fcw & 0x003f) &&
- boot_cpu_data.x86_vendor == X86_VENDOR_AMD )
- {
- asm volatile ( "fnclex\n\t"
---- xen/arch/x86/xstate.c.orig
-+++ xen/arch/x86/xstate.c
-@@ -344,7 +344,7 @@ void xrstor(struct vcpu *v, uint64_t mas
- * data block as a safe address because it should be in L1.
- */
- if ( (mask & ptr->xsave_hdr.xstate_bv & XSTATE_FP) &&
-- !(ptr->fpu_sse.fsw & 0x0080) &&
-+ !(ptr->fpu_sse.fsw & ~ptr->fpu_sse.fcw & 0x003f) &&
- boot_cpu_data.x86_vendor == X86_VENDOR_AMD )
- asm volatile ( "fnclex\n\t" /* clear exceptions */
- "ffree %%st(7)\n\t" /* clear stack tag */
diff -r f698b6701634 -r 89e2c1a74be2 sysutils/xenkernel45/patches/patch-XSA-173
--- a/sysutils/xenkernel45/patches/patch-XSA-173 Wed Sep 21 14:27:51 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,246 +0,0 @@
-$NetBSD: patch-XSA-173,v 1.1 2016/05/12 15:42:58 bouyer Exp $
-
-commit 9d7687d60ae2e09ad2a77b05bd820e7850709375
-Author: Tim Deegan <tim%xen.org@localhost>
-Date: Wed Mar 16 16:56:04 2016 +0000
-
- x86: limit GFNs to 32 bits for shadowed superpages.
-
- Superpage shadows store the shadowed GFN in the backpointer field,
- which for non-BIGMEM builds is 32 bits wide. Shadowing a superpage
- mapping of a guest-physical address above 2^44 would lead to the GFN
- being truncated there, and a crash when we come to remove the shadow
- from the hash table.
-
- Track the valid width of a GFN for each guest, including reporting it
- through CPUID, and enforce it in the shadow pagetables. Set the
- maximum witth to 32 for guests where this truncation could occur.
-
- This is XSA-173.
-
- Signed-off-by: Tim Deegan <tim%xen.org@localhost>
- Signed-off-by: Jan Beulich <jbeulich%suse.com@localhost>
-
-Reported-by: Ling Liu <liuling-it%360.cn@localhost>
-diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c
-index 5c8d3c2..7dc8220 100644
---- xen/arch/x86/cpu/common.c.orig
-+++ xen/arch/x86/cpu/common.c
-@@ -37,6 +37,7 @@ integer_param("cpuid_mask_ext_edx", opt_cpuid_mask_ext_edx);
- struct cpu_dev * cpu_devs[X86_VENDOR_NUM] = {};
-
- unsigned int paddr_bits __read_mostly = 36;
-+unsigned int hap_paddr_bits __read_mostly = 36;
-
- /*
- * Default host IA32_CR_PAT value to cover all memory types.
-@@ -209,7 +210,7 @@ static void __init early_cpu_detect(void)
-
- static void __cpuinit generic_identify(struct cpuinfo_x86 *c)
- {
-- u32 tfms, capability, excap, ebx;
-+ u32 tfms, capability, excap, ebx, eax;
-
- /* Get vendor name */
- cpuid(0x00000000, &c->cpuid_level,
-@@ -246,8 +247,11 @@ static void __cpuinit generic_identify(struct cpuinfo_x86 *c)
- }
- if ( c->extended_cpuid_level >= 0x80000004 )
- get_model_name(c); /* Default name */
-- if ( c->extended_cpuid_level >= 0x80000008 )
-- paddr_bits = cpuid_eax(0x80000008) & 0xff;
-+ if ( c->extended_cpuid_level >= 0x80000008 ) {
-+ eax = cpuid_eax(0x80000008);
-+ paddr_bits = eax & 0xff;
-+ hap_paddr_bits = ((eax >> 16) & 0xff) ?: paddr_bits;
-+ }
- }
-
- /* Might lift BIOS max_leaf=3 limit. */
-diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
-index 41fb10a..cac458a 100644
---- xen/arch/x86/hvm/hvm.c.orig
-+++ xen/arch/x86/hvm/hvm.c
-@@ -4327,8 +4327,7 @@ void hvm_cpuid(unsigned int input, unsigned int *eax, unsigned int *ebx,
- break;
-
- case 0x80000008:
-- count = cpuid_eax(0x80000008);
-- count = (count >> 16) & 0xff ?: count & 0xff;
-+ count = d->arch.paging.gfn_bits + PAGE_SHIFT;
- if ( (*eax & 0xff) > count )
- *eax = (*eax & ~0xff) | count;
-
-diff --git a/xen/arch/x86/mm/guest_walk.c b/xen/arch/x86/mm/guest_walk.c
-index 1b26175..50ba7d5 100644
---- xen/arch/x86/mm/guest_walk.c.orig
-+++ xen/arch/x86/mm/guest_walk.c
-@@ -94,6 +94,12 @@ void *map_domain_gfn(struct p2m_domain *p2m, gfn_t gfn, mfn_t *mfn,
- struct page_info *page;
- void *map;
-
-+ if ( gfn_x(gfn) >> p2m->domain->arch.paging.gfn_bits )
-+ {
-+ *rc = _PAGE_INVALID_BIT;
-+ return NULL;
-+ }
-+
- /* Translate the gfn, unsharing if shared */
- page = get_page_from_gfn_p2m(p2m->domain, p2m, gfn_x(gfn), p2mt, NULL,
- q);
-@@ -327,20 +333,8 @@ guest_walk_tables(struct vcpu *v, struct p2m_domain *p2m,
- flags &= ~_PAGE_PAT;
-
- if ( gfn_x(start) & GUEST_L2_GFN_MASK & ~0x1 )
-- {
--#if GUEST_PAGING_LEVELS == 2
-- /*
-- * Note that _PAGE_INVALID_BITS is zero in this case, yielding a
-- * no-op here.
-- *
-- * Architecturally, the walk should fail if bit 21 is set (others
-- * aren't being checked at least in PSE36 mode), but we'll ignore
-- * this here in order to avoid specifying a non-natural, non-zero
-- * _PAGE_INVALID_BITS value just for that case.
-- */
--#endif
- rc |= _PAGE_INVALID_BITS;
-- }
-+
- /* Increment the pfn by the right number of 4k pages.
- * Mask out PAT and invalid bits. */
- start = _gfn((gfn_x(start) & ~GUEST_L2_GFN_MASK) +
-@@ -423,5 +417,11 @@ set_ad:
- put_page(mfn_to_page(mfn_x(gw->l1mfn)));
- }
-
-+ /* If this guest has a restricted physical address space then the
-+ * target GFN must fit within it. */
-+ if ( !(rc & _PAGE_PRESENT)
-+ && gfn_x(guest_l1e_get_gfn(gw->l1e)) >> d->arch.paging.gfn_bits )
-+ rc |= _PAGE_INVALID_BITS;
-+
- return rc;
- }
-diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c
-index 0c80012..84531b1 100644
---- xen/arch/x86/mm/hap/hap.c.orig
-+++ xen/arch/x86/mm/hap/hap.c
-@@ -429,6 +429,8 @@ void hap_domain_init(struct domain *d)
- {
- INIT_PAGE_LIST_HEAD(&d->arch.paging.hap.freelist);
-
-+ d->arch.paging.gfn_bits = hap_paddr_bits - PAGE_SHIFT;
-+
- /* Use HAP logdirty mechanism. */
- paging_log_dirty_init(d, hap_enable_log_dirty,
- hap_disable_log_dirty,
-diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
-index 18026fe..9028d82 100644
---- xen/arch/x86/mm/shadow/common.c.orig
-+++ xen/arch/x86/mm/shadow/common.c
-@@ -48,6 +48,16 @@ void shadow_domain_init(struct domain *d, unsigned int domcr_flags)
- INIT_PAGE_LIST_HEAD(&d->arch.paging.shadow.freelist);
- INIT_PAGE_LIST_HEAD(&d->arch.paging.shadow.pinned_shadows);
-
-+ d->arch.paging.gfn_bits = paddr_bits - PAGE_SHIFT;
-+#ifndef CONFIG_BIGMEM
-+ /*
-+ * Shadowed superpages store GFNs in 32-bit page_info fields.
-+ * Note that we cannot use guest_supports_superpages() here.
-+ */
-+ if ( !is_pv_domain(d) || opt_allow_superpage )
-+ d->arch.paging.gfn_bits = 32;
-+#endif
-+
- /* Use shadow pagetables for log-dirty support */
- paging_log_dirty_init(d, shadow_enable_log_dirty,
- shadow_disable_log_dirty, shadow_clean_dirty_bitmap);
-diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
-index d6802ff..7589d23 100644
---- xen/arch/x86/mm/shadow/multi.c.orig
-+++ xen/arch/x86/mm/shadow/multi.c
-@@ -527,7 +527,8 @@ _sh_propagate(struct vcpu *v,
- ASSERT(GUEST_PAGING_LEVELS > 3 || level != 3);
-
- /* Check there's something for the shadows to map to */
-- if ( !p2m_is_valid(p2mt) && !p2m_is_grant(p2mt) )
-+ if ( (!p2m_is_valid(p2mt) && !p2m_is_grant(p2mt))
-+ || gfn_x(target_gfn) >> d->arch.paging.gfn_bits )
- {
- *sp = shadow_l1e_empty();
- goto done;
-diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
-index 6a77a93..e8df4a9 100644
---- xen/include/asm-x86/domain.h.orig
-+++ xen/include/asm-x86/domain.h
-@@ -188,6 +188,9 @@ struct paging_domain {
- /* log dirty support */
- struct log_dirty_domain log_dirty;
-
-+ /* Number of valid bits in a gfn. */
-+ unsigned int gfn_bits;
-+
- /* preemption handling */
- struct {
- const struct domain *dom;
-diff --git a/xen/include/asm-x86/guest_pt.h b/xen/include/asm-x86/guest_pt.h
-index d2a8250..d95f835 100644
---- xen/include/asm-x86/guest_pt.h.orig
-+++ xen/include/asm-x86/guest_pt.h
-@@ -220,15 +220,17 @@ guest_supports_nx(struct vcpu *v)
- }
-
-
--/* Some bits are invalid in any pagetable entry. */
--#if GUEST_PAGING_LEVELS == 2
--#define _PAGE_INVALID_BITS (0)
--#elif GUEST_PAGING_LEVELS == 3
--#define _PAGE_INVALID_BITS \
-- get_pte_flags(((1ull<<63) - 1) & ~((1ull<<paddr_bits) - 1))
--#else /* GUEST_PAGING_LEVELS == 4 */
-+/*
-+ * Some bits are invalid in any pagetable entry.
-+ * Normal flags values get represented in 24-bit values (see
Home |
Main Index |
Thread Index |
Old Index